Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Zoom Rolls Out End-To-End Encryption (E2EE) Next Week

Zoom Rolls Out End-To-End Encryption (E2EE) Next Week

Zoom announced today that it will roll out end-to-end encryption (E2EE) for all users starting next week, as part of a 30-day technical preview.

To start using E2EE when joining new meetings during this roll out phase, meeting participants will have to join using the Zoom desktop client, mobile app, or from Zoom Rooms.

Users will know if their meeting uses E2EE if a green shield logo with a padlock is displayed in the upper left corner of the window.

“We’re excited to announce that starting next week, Zoom’s end-to-end encryption (E2EE) offering will be available as a technical preview, which means we’re proactively soliciting feedback from users for the first 30 days,” Zoom Head of Security Engineering Max Krohn said today.

“Zoom users – free and paid – around the world can host up to 200 participants in an E2EE meeting on Zoom, providing increased privacy and security for your Zoom sessions.”

Image: Zoom

Zoom E2EE and its current downsides

All E2EE encryption keys are generated by meeting participants’ machines instead of Zoom’s own servers, thus making all exchanged data indecipherable by Zoom or other third parties, with the exception of each meeting participant.

Also Read: Personal Data Websites: 3 Things That You Must Be Informed

“In typical meetings, Zoom’s cloud generates encryption keys and distributes them to meeting participants using Zoom apps as they join,” Krohn explained.

“With Zoom’s E2EE, the meeting’s host generates encryption keys and uses public key cryptography to distribute these keys to the other meeting participants.

“Zoom’s servers become oblivious relays and never see the encryption keys required to decrypt the meeting contents.”

To start using E2EE when joining Zoom meetings, users have to enable E2EE meetings at the account level and opt-in for E2EE meetings on a per-meeting basis.

Image: Zoom

While E2EE provides users with improved security, privacy, and data protection to Zoom meetings, some functionality is limited when it is enabled.

“Enabling this version of Zoom’s E2EE in your meetings disables certain features, including join before host, cloud recording, streaming, live transcription, Breakout Rooms, polling, 1:1 private chat, and meeting reactions,” Krohn added.

Risk-based authentication for Free/Basic users

An initial draft cryptographic design for Zoom’s E2EE offering was published on GitHub on May 22 and a second updated version was uploaded on June 17 (a list of all the changes can be found here).

Also Read: Trusted Data Sharing Framework IMDA Announced In Singapore

The E2EE meeting option was first announced by Zoom in May 2020 as a feature that will only be available to paying customers, with free/basic users to only get access to 256-bit GCM encryption.

These plans were changed in June when Zoom’s CEO Eric S. Yuan said that free/basic users will also be able to use E2EE after verifying their accounts via additional identification such as their phone number.

“Free/Basic users seeking access to E2EE will participate in a one-time verification process that will prompt the user for additional pieces of information, such as verifying a phone number via text message,” Zoom also confirmed in today’s announcement.

“We are confident that by implementing risk-based authentication, in combination with our current mix of tools — including our work with human rights and children’s safety organizations and our users’ ability to lock down a meeting, report abuse, and a myriad of other features made available as part of our security icon — we can continue to enhance the safety of our users.”

Zoom estimates that the next E2EE rollout phase will start in 2021, adding Single sign-on (SSO) integration and better identity management.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us